Re: Strange Apache log entry

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On 08/22/2010 03:05 PM, Gilbert Sebenste wrote:
> Thanks. They got a 404 error with me, obviously...but I wanted to make
> sure it was nothing more than that.

No, they didn't.  That's why you were warned that it was a potentially 
successful probe.

The exploit requires that you are running php and have a script that 
includes a file referenced by the global variable "g" (or maybe the http 
request varible "g").  You should check the files that appear at the 
URLs indicated in your logs.  If any of those files are php, then you 
should further check those to see if they might include files based on 
the "g" variable.  If so, you may have been compromised.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos


[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux